<?
//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


include('sys/init.php');

$current_user = hello();

if(!is_user($current_user)) header('location: '._basedomain);

$can_addnew       = check_user_right('bugs', 'add_bug',     $current_user['rights']);
$can_edit_own     = check_user_right('bugs', 'edit_own',    $current_user['rights']);
$can_edit_other   = check_user_right('bugs', 'edit_other',  $current_user['rights']);
$can_edit_status  = check_user_right('bugs', 'edit_status', $current_user['rights']);
$can_set_fav      = check_user_right('bugs', 'set_fav',     $current_user['rights']);

$can_delete       = check_user_right('bugs', 'delete_bugs', $current_user['rights']);


//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


if($_POST['what']=='bug' && $_POST['bid']==0)
{
   if($can_addnew)
   {
      $bug = array(
                   'title'    => justwords($_POST['bugttl']),
                   'date'     => now(),
                   'rate'     => justdigs ($_POST['bugrate']),
                   'place_id' => justdigs ($_POST['bugplace']),
                   'type_id'  => justdigs ($_POST['bugtype']),
                   'user_id'  => $current_user['id'],
                   'status'   => justdigs ($_POST['bugstatus']),
                   'level_id' => justdigs ($_POST['buglevel']),
                   'tags'     => justwords($_POST['bugtags'])
                   );
                   
      $commentxt = justhtml($_POST['bugcmt']);
      

      if( strlen($bug['title']) > _title_length &&
          strlen($bug['date']) > 5 &&
          strlen($commentxt) > _comment_length &&
          $bug['place_id'] > 0 &&
          $bug['type_id'] > 0 &&
          $bug['status'] > 0 &&
          $bug['rate'] > 0
        )
      {
         $files = check_uploaded_files($_FILES);
         
         $comment = array(
                        'date'   => $bug['date'],
                        'bug_id' => 'new',
                        'user_id'=> $bug['user_id'],
                        'text'   => $commentxt,
                        'ip'     => getenv('REMOTE_ADDR'),
                        'isfirst'=> 1
                         );
                         
         $nbid = add_new_bug($bug, $comment, $files);
         
         if($nbid > 0)
			{
				//--------------------------------------------------------------------------------------
				
				$level = get_rfc_item( 'levels', $bug['level_id'] );
				$users = get_users_by_level( $level['num'] );
				
				$kws = array('_LINK_', '_TITLE_');
				$r   = array(_basedomain.'/bugs/'.$nbid, $bug['title']);
				
				$msg = str_replace( $kws, $r, get_tpl('msg_newbug.html') );
				
				message2users( $users, $msg, get_tpl('msg_newbugtitle.html') );
				
				//--------------------------------------------------------------------------------------
				
				header('location:'._basedomain.'/bugs/'.$nbid);
			}
         
         else go_back();
      }
         
      else go_back();
   }
   else header('location:/bugs');
}

//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


elseif($_POST['what']=='bug' && $_POST['bid']>0)
{
   $bid = justdigs($_POST['bid']);
   
   $oldbug = is_bug($bid, false, $current_user['level']);
   if(!$oldbug) header('location:'._basedomain.'/bugs');

   $canedit = ( $can_edit_other || ( $can_edit_own && is_his_bug($bid, $oldbug, $current_user) ) );
   
   if($canedit)
   {
      $bug = array(
                   'id'       => $bid,
                   'title'    => justwords($_POST['bugttl']),
                   'date'     => now(),
                   'rate'     => justdigs ($_POST['bugrate']),
                   'place_id' => justdigs ($_POST['bugplace']),
                   'type_id'  => justdigs ($_POST['bugtype']),
                   'user_id'  => justdigs ($_POST['authorid']),
                   'status'   => justdigs ($_POST['bugstatus']),
                   'level_id' => justdigs ($_POST['buglevel']),
                   'tags'     => justwords($_POST['bugtags'])
                   );

      $commentxt = justhtml($_POST['bugcmt']);


      if( strlen($bug['title']) > _title_length &&
          strlen($bug['date']) > 5 &&
          strlen($commentxt) > _comment_length &&
          $bug['place_id'] > 0 &&
          $bug['type_id'] > 0 &&
          $bug['user_id'] > 0 &&
          $bug['status'] > 0 &&
          $bug['rate'] > 0
        )
      {
         $files = check_uploaded_files($_FILES);

         $comment = array(
                        'id'     => justdigs($_POST['commentid']),
                        'date'   => $bug['date'],
                        'bug_id' => $bug['id'],
                        'user_id'=> $bug['user_id'],
                        'text'   => $commentxt,
                        'ip'     => getenv('REMOTE_ADDR'),
                        'isfirst'=> 1
                         );

         $nbid = edit_bug($bug, $comment, $files);

         if($nbid > 0) header('location:'._basedomain.'/bugs/'.$nbid);

         else go_back();
      }

      else go_back();
   }
   else header('location:'._basedomain.'/bugs');
}


//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


elseif($_POST['what']=='deletebug' && $_POST['bid']>0)
{
   $bid = justdigs($_POST['bid']);
   
   $candothis = ( ($can_delete && $can_edit_other) ||
                  (is_his_bug($bid, false, $current_user['id']) && $can_delete && $can_edit_own )
                );
   
   if($candothis && deletebug($bid)) die('deleted'.$bid);
   else die('oops! '.$bid);

}


//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


elseif($_POST['what']=='changestatus' && $_POST['status']>0 && $_POST['bid']>0)
{
   $bid = justdigs($_POST['bid']);

   $bug = is_bug($bid, false, $current_user['level']);
   if(!$bug) die('wooot?');

   $canedit = ( $can_edit_other || ( $can_edit_own && is_his_bug($bid, $bug, $current_user) ) || $can_edit_status );

   if($canedit)
   {
      $bug['status'] = justdigs($_POST['status']);

      $res = edit_bug($bug, false, array());

      if( $res ) die('ok');
      else die('error 1: '.$res);
   }
   else die('error 2');
}



//------------------------------------------------------------------------------
//------------------------------------------------------------------------------


elseif($_POST['what']=='setfav' && isset($_POST['fav']) && $_POST['bid']>0)
{
   $bid = justdigs($_POST['bid']);

   $bug = is_bug($bid, false, $current_user['level']);
   if(!$bug) die('wooot?');

   $canedit = ( $can_set_fav );

   if($canedit)
   {
      $bug['fav'] = $_POST['fav']==1 ? 1 : 0;

      $res = edit_bug($bug, false, array());

      if( $res ) die('ok');
      else die('error 1: '.$res);
   }
   else die('error 2');
}
else die('oops?');















?>
